Privacy Policy - KrankyBear BackTrack

Last Updated: January 7, 2026

📌 Our Privacy Commitment

Your data belongs to you. BackTrack is designed with privacy-first principles. Your practice data stays on YOUR computers, encrypted and under YOUR control. We do not sell, share, or monetize your data. Period.

1. Overview

This Privacy Policy explains how KrankyBear BackTrack ("we," "us," "our") collects, uses, and protects information when you use our practice management software and visit our website.

2. Information We Collect

2.1 Website Information

When you visit our website (krankybearbacktrack.duckdns.org), we may collect:

Contact Information: When you contact us via email or contact forms (name, email address, message content)
Basic Analytics: Standard web server logs (IP address, browser type, pages visited, timestamps) for security and troubleshooting purposes

2.2 Software Application Data

BackTrack software operates locally on your computers. We do NOT collect, transmit, or store your practice data on our servers, including:

Patient/client records
Clinical notes and treatment records
Appointment information
Billing and financial data
Images, attachments, or any other practice data

Important: All patient/client data created in BackTrack stays on YOUR local computers in encrypted databases. We have no access to your practice data unless you explicitly enable optional cloud sync features (future release) or request support assistance.

2.3 License Validation

BackTrack currently uses file-based licensing that operates entirely offline. No data is transmitted to our servers for license validation. Future versions may include optional "call home" features for automatic license updates, which will:

Only transmit your license key and practice name for validation
NOT transmit any patient/client data
Be clearly disclosed and optional where possible

3. How We Use Information

3.1 Website Data

Information collected through our website is used to:

Respond to your inquiries and support requests
Send license files and software updates
Improve our website and services
Detect and prevent security threats or abuse
Comply with legal obligations

3.2 Software Application Data

Data you create within BackTrack is:

Stored locally on your computers in AES-256 encrypted databases
Controlled by you - We have no access unless you explicitly share it
Your responsibility to protect according to applicable healthcare privacy laws (HIPAA, PIPEDA, GDPR, etc.)

4. Data Storage and Security

4.1 Local Data Storage

BackTrack stores all practice data locally on your computers using:

AES-256-GCM encryption for all databases
Argon2id key derivation for password protection
Encrypted backups (when using built-in backup features)
User access controls and audit logging

4.2 Your Security Responsibilities

While BackTrack provides strong encryption, you are responsible for:

Implementing full-disk encryption on your computers (BitLocker, FileVault, LUKS)
Maintaining strong passwords and MFA codes
Physical security of computers and devices
Regular encrypted backups
Keeping operating systems and software updated
Compliance with healthcare privacy regulations in your jurisdiction

4.3 Website Data

Contact information submitted through our website is:

Stored on secure servers with industry-standard encryption
Retained only as long as necessary for support and business purposes
Not shared with third parties except as required by law

5. Data Sharing and Disclosure

We do NOT sell, rent, or share your information with third parties, except:

With your consent: If you explicitly request data migration assistance or support that requires accessing your data
Legal requirements: If required by law, court order, or government regulation
Business transfers: If KrankyBear is acquired or merged, your contact information may be transferred (but your practice data remains under your control)

No Third-Party Analytics or Tracking: Our website does not use Google Analytics, Facebook Pixel, or other third-party tracking scripts. We respect your privacy.

5.1 Customer Confidentiality

All customer information is strictly confidential. We will NOT:

Publicly disclose customer names or business names
Use your practice as a reference without your explicit written permission
Share that you are a BackTrack customer with anyone
Display customer logos or testimonials without prior authorization
Discuss your specific use case or deployment details

If you would like to be featured as a reference practice, case study, or testimonial, we would be honored — but only with your explicit consent. We understand that many healthcare practices prefer to keep their software vendors and internal operations private.

6. Cookies and Tracking

Our website uses minimal cookies:

Essential cookies: Required for website functionality (session management)
No tracking cookies: We do not use advertising or analytics cookies

7. Your Rights and Choices

You have the right to:

Access: Request a copy of any contact information we have about you
Correction: Update or correct your contact information
Deletion: Request deletion of your contact information from our records
Data portability: Export all your practice data from BackTrack at any time
Opt-out: Unsubscribe from marketing emails (we rarely send these anyway)

To exercise these rights, contact us at support@krankybear.com.

8. Children's Privacy

BackTrack is designed for use by healthcare professionals and is not intended for children under 13. We do not knowingly collect information from children.

9. International Users

BackTrack is developed and operated in North America. If you use BackTrack from outside your country, you are responsible for compliance with local data protection laws. Since all practice data is stored locally on YOUR computers, you maintain full control over where your data physically resides.

10. HIPAA and Healthcare Compliance

BackTrack provides the technical safeguards required for HIPAA compliance:

Encryption of data at rest (AES-256)
Access controls and user authentication
Audit logs and activity tracking
Secure backup capabilities

However: HIPAA compliance also requires organizational policies, staff training, Business Associate Agreements (BAAs), and proper use of technology. Since BackTrack operates locally and we do not access your data, no BAA is required for standard use of the software. If you enable future cloud sync features, a BAA will be provided.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via:

Email notifications to licensed users
In-app notifications
Website announcements

Continued use of BackTrack after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: support@krankybear.com
Website: https://krankybear.com

🛡️ Our Promise to You

Privacy is not just a policy for us - it's a core value. We built BackTrack to give healthcare professionals complete control over their data, free from surveillance, tracking, or vendor lock-in. Your data belongs to you, always.

FAQ | Terms of Service | License Agreement | Contact Us